Security management [690IC01]
This module will emphasise the need for good security management. Its aims are to identify the
problems associated with security management and to show how various (major) organisations solve
those problems.
An introduction to cryptography and security mechanisms [690IC02]
The approach of this module is non-technical. The main objective is to introduce the students to
the main types of cryptographic mechanism, to the security services which they can provide, and
to their management, including key management. The mathematical content of this module is minimal.
Support materials for the elementary mathematics needed for this module will be provided.
Network security [690IC03]
This module is concerned with the protection of data transferred over commercial information networks,
including computer and telecommunications networks. After an initial brief study of current networking
concepts, a variety of generic security technologies relevant to networks are studied, including
user identification techniques, authentication protocols and key distribution mechanisms. This
leads naturally to consideration of security solutions for a variety of types of practical networks,
including LANs, WANs, proprietary computer networks, mobile networks and electronic mail.
Computer security [690IC04]
This course deals with the more technical means of making a computing system secure. This process
starts with defining the proper security requirements, which are usually stated as a security
policy. Security models formalise those policies and may serve as a reference to check the correctness
of an implementation. The main security features and mechanisms in operating systems will be
examined as well as security-related issues of computer architecture. Specific well-known operating
systems are then studied as case studies. Other areas investigated include the security of middleware,
software protection and web security.
Secure electronic commerce and other applications [690OPT5]
This module aims to put the role of security into perspective and demonstrate how it forms part
of a security system within an application. The aim is to illustrate, usually by the use of case
studies, how a particular situation may make certain aspects of security important and how an entire
system might fit together.
Standards and evaluation criteria [690OPT7]
Over the last few years, a variety of security-related standards have been produced by international
standards bodies. This module examines some of the most important of these standards in detail.
In doing so it illustrates how international standards now cover many aspects of the analysis
and design of secure systems. The material covered also puts certain other aspects of the degree
course in a more structured setting. The module also covers existing security evaluation criteria,
the current process for evaluating secure systems, and guidelines for managing IT security.
Advanced cryptography [690OPT8]
This module follows on from the introductory cryptography module. In that module cryptographic
algorithms were introduced according to the properties they possessed and how they might fit
into a larger security architecture. In this unit we look inside some of the most popular and
widely deployed algorithms and we highlight design and cryptanalytic trends over the past twenty
years. This course is, by necessity, somewhat mathematical and some basic mathematical techniques
will be used. However, despite this reliance on mathematical techniques, the emphasis of the
module is on understanding the more practical aspects of the performance and security of some
of the most widely used cryptographic algorithms.
Database security [690OPT9]
This module covers several aspects of database security and the related subject of concurrency
control in distributed databases. We will discuss methods for concurrency control and failure
recovery in distributed databases and the interaction between those methods and security requirements.
We will also examine how access control policies can be adapted to relational and object-oriented
databases.
Information crime [690OPT10]
This module complements other modules by examining the subject from the criminal angle and presenting
a study of computer crime and the computer criminal. We will discuss its history, causes, development
and repression through studies of surveys, types of crime, legal measures, and system and human
vulnerabilities. We will also examine the effects of computer crime through the experiences of
victims and law enforcement and look at the motives and attitudes of hackers and other computer
criminals.
Smart cards/tokens security and applications [690OP12]
This course will:
· provide an overview of smart cards/tokens and their properties
· introduce various applications that exploit smart cards/tokens
· examine benefits, threats and attacks
· consider systems for the development, manufacture and management of smart cards/tokens
· review smart card standards and security evaluation methodologies.
Project [6900011]
The project is a major individual piece of work. It can be of an academic nature and aim at acquiring
and demonstrating understanding and the ability to reason about some specific area of Information
Security. Alternatively, the project work may document the ability to deal with a practical aspect
of Information Security.